Nginx 反向代理

vim /etc/nginx/nginx.conf

http {

    # 开启 gzip
    gzip on;
    gzip_min_length 1k;
    gzip_buffers 4 16k;
    gzip_http_version 1.1;
    gzip_comp_level 2;
    # 已压缩的图像格式（如：jpg、png），再次压缩无意义，反而浪费 cpu 资源
    gzip_types text/plain application/javascript application/x-javascript text/javascript text/css application/xml application/json font/ttf font/otf image/svg+xml application/xml+rss text/x-js;
    gzip_vary on;
    gzip_proxied expired no-cache no-store private auth;
    gzip_disable "MSIE [1-6]\.";

    server {
        # 监听端口
        listen       80;
        # 域名。可使用下划线，代表所有域名
        #server_name  _;
        server_name  www.ujcms.com;
        # 程序目录
        # windows目录
        #root         D:/tomcat/webapps/ROOT
        # 如使用部署路径，则需要加上部署路径
        #root         D:/tomcat/webapps/ROOT/my_context_path
        root         /data/tomcat/webapps/ROOT;
        index        index.html index.htm;
        
        # 图片缓存
        location ~ .*\\.(jpg|jpeg|png|gif|ico|svg|webp|avif|bmp|swf)$ {
            expires      30d;
            add_header Cache-Control "public, no-transform";
            error_log /dev/null;
            access_log /dev/null;
        }
        
        # 开启 js、css 缓存
        location ~ .*\\.(js|css)?$ {
            expires      12h;
            add_header Cache-Control "public, no-transform";
            error_log /dev/null;
            access_log /dev/null;
        }
        
        # 禁止访问/WEB-INF/目录下文件
        location /WEB-INF/ {
            deny  all;
        }
        
        # 目录存在，则重定向至目录。如访问 /foo，目录存在的话，会重定向至 /foo/
        if (-d $request_filename) {
            rewrite ^/(.*[^/])$ $scheme://$host/$1/ permanent;
        }
        
        # 如使用部署路径，则可加上部署路径。如 location /my_context_path
        location / {
            # 如果uri地址对应文件或目录不存在，则使用代理转发到tomcat
            try_files $uri $uri/index.html $uri/index.htm @proxypass;
        }
        
        location @proxypass {
            # 代理至tomcat，tomcat需监听8080端口
            proxy_pass http://127.0.0.1:8080;
            # 处理反向代理时无法获取真实 IP 的问题
            proxy_set_header Host $http_host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Real-Port $remote_port;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_set_header X-Forwarded-Host $host;
            proxy_set_header X-Forwarded-Port $server_port;
            proxy_set_header REMOTE-HOST $remote_addr;
            proxy_buffering off;
            proxy_connect_timeout 60s;
            proxy_send_timeout 600s;
            proxy_read_timeout 600s;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
        }
    }
}